EP2863309A3 - Contextual graph matching based anomaly detection - Google Patents

Contextual graph matching based anomaly detection

Info

Publication number
EP2863309A3
Authority
EP
European Patent Office
Prior art keywords
graph
incoming
decomposed
master
walk
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
EP14188168.0A
Other languages
German (de)
English (en)
Other versions
EP2863309A2 (fr)
EP2863309B1 (fr)
Inventor
Colin A. PURI
John K. Nguyen
Scott W. Kurth
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Accenture Global Services Ltd
Original Assignee
Accenture Global Services Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Accenture Global Services Ltd
Publication of EP2863309A2
Publication of EP2863309A3
Application granted
Publication of EP2863309B1
Legal status: Active
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/07 Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/0703 Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
    • G06F11/079 Root cause analysis, i.e. error or fault diagnosis
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/07 Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/0703 Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
    • G06F11/0706 Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation the processing taking place on a specific hardware platform or in a specific software environment
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/07 Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/0703 Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
    • G06F11/0706 Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation the processing taking place on a specific hardware platform or in a specific software environment
    • G06F11/0709 Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation the processing taking place on a specific hardware platform or in a specific software environment in a distributed system consisting of a plurality of standalone computer nodes, e.g. clusters, client-server systems
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/07 Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/0703 Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
    • G06F11/0751 Error or fault detection not based on redundancy
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/07 Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/0703 Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
    • G06F11/0766 Error or fault reporting or storing
    • G06F11/0778 Dumping, i.e. gathering error/state information after a fault for later diagnosis
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24 Querying
    • G06F16/245 Query processing
    • G06F16/2455 Query execution
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90 Details of database functions independent of the retrieved data types
    • G06F16/901 Indexing; Data structures therefor; Storage structures
    • G06F16/9024 Graphs; Linked lists
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/552 Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N5/00 Computing arrangements using knowledge-based models
    • G06N5/04 Inference or reasoning models
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
EP14188168.0A 2013-10-11 2014-10-08 Contextual graph matching based anomaly detection Active EP2863309B1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201361889722P 2013-10-11 2013-10-11
US14/173,533 US9367809B2 (en) 2013-10-11 2014-02-05 Contextual graph matching based anomaly detection

Publications (3)

Publication Number Publication Date
EP2863309A2 (fr) 2015-04-22
EP2863309A3 (fr) 2015-06-10
EP2863309B1 (fr) 2018-11-21

Family

ID=51752993

Family Applications (1)

Application Number Title Priority Date Filing Date
EP14188168.0A Active EP2863309B1 (fr) 2013-10-11 2014-10-08 Contextual graph matching based anomaly detection

Country Status (3)

Country Link
US (2) US9367809B2 (fr)
EP (1) EP2863309B1 (fr)
AU (1) AU2014240239B2 (fr)

Families Citing this family (107)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10218639B2 (en) * 2014-03-14 2019-02-26 Microsoft Technology Licensing, Llc Computing long-term schedules for data transfers over a wide area network
EP2928157B1 (fr) * 2014-04-04 2019-12-18 Siemens Aktiengesellschaft Method for analysing and/or evaluating at least one event within a technical installation
US9760835B2 (en) * 2014-08-20 2017-09-12 International Business Machines Corporation Reasoning over cyclical directed graphical models
US10891272B2 (en) 2014-09-26 2021-01-12 Oracle International Corporation Declarative language and visualization system for recommended data transformations and repairs
US10296192B2 (en) 2014-09-26 2019-05-21 Oracle International Corporation Dynamic visual profiling and visualization of high volume datasets and real-time smart sampling and statistical profiling of extremely large datasets
US10210246B2 (en) 2014-09-26 2019-02-19 Oracle International Corporation Techniques for similarity analysis and data enrichment using knowledge sources
US9736173B2 (en) * 2014-10-10 2017-08-15 Nec Corporation Differential dependency tracking for attack forensics
US9923908B2 (en) 2015-04-29 2018-03-20 International Business Machines Corporation Data protection in a networked computing environment
US9462013B1 (en) 2015-04-29 2016-10-04 International Business Machines Corporation Managing security breaches in a networked computing environment
US9954870B2 (en) * 2015-04-29 2018-04-24 International Business Machines Corporation System conversion in a networked computing environment
US10318584B2 (en) * 2015-05-26 2019-06-11 Ayasdi, Inc. Outcome analysis for graph generation
US10505819B2 (en) 2015-06-04 2019-12-10 Cisco Technology, Inc. Method and apparatus for computing cell density based rareness for use in anomaly detection
AU2016204068B2 (en) 2015-06-17 2017-02-16 Accenture Global Services Limited Data acceleration
US10621063B2 (en) * 2015-07-10 2020-04-14 Cisco Technology, Inc. System and method for dynamic domain-specific sequence diagram visualization
US10430721B2 (en) * 2015-07-27 2019-10-01 Pivotal Software, Inc. Classifying user behavior as anomalous
US9537880B1 (en) * 2015-08-19 2017-01-03 Palantir Technologies Inc. Anomalous network monitoring, user behavior detection and database system
US9699205B2 (en) 2015-08-31 2017-07-04 Splunk Inc. Network security system
US10284453B2 (en) 2015-09-08 2019-05-07 Uber Technologies, Inc. System event analyzer and outlier visualization
US9794158B2 (en) * 2015-09-08 2017-10-17 Uber Technologies, Inc. System event analyzer and outlier visualization
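CN105117286B (zh) * 2015-09-22 2018-06-12 北京大学 Scheduling method and pipelined execution method for tasks in MapReduce
KR102149866B1 (ko) * 2015-09-29 2020-09-01 에이에스엠엘 네델란즈 비.브이. Methods of modelling systems such as lithographic systems or performing predictive maintenance of systems, and associated lithographic systems.
CN106572057A (zh) * 2015-10-10 2017-04-19 百度在线网络技术(北京)有限公司 Method and apparatus for detecting abnormal user login information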
US10235231B2 (en) * 2015-11-18 2019-03-19 Nec Corporation Anomaly fusion on temporal casualty graphs
US10180872B2 (en) * 2016-04-14 2019-01-15 Vmware, Inc. Methods and systems that identify problems in applications
US10205734B2 (en) 2016-05-09 2019-02-12 Accenture Global Solutions Limited Network sampling based path decomposition and anomaly detection
AU2017274576B2 (en) * 2016-06-03 2022-03-10 Commonwealth Scientific And Industrial Research Organisation Classification of log data
US10652257B1 (en) * 2016-07-11 2020-05-12 State Farm Mutual Automobile Insurance Company Detection of anomalous computer behavior
CN107666468B (zh) * 2016-07-29 2020-08-04 中国电信股份有限公司 Network security detection method and apparatus
CN107797852A (zh) * 2016-09-06 2018-03-13 阿里巴巴集团控股有限公司 Processing apparatus and processing method for data iteration
US10650000B2 (en) 2016-09-15 2020-05-12 Oracle International Corporation Techniques for relationship discovery between datasets
US10565222B2 (en) 2016-09-15 2020-02-18 Oracle International Corporation Techniques for facilitating the joining of datasets
US10445062B2 (en) 2016-09-15 2019-10-15 Oracle International Corporation Techniques for dataset similarity discovery
US10467229B2 (en) 2016-09-30 2019-11-05 Microsoft Technology Licensing, Llc. Query-time analytics on graph queries spanning subgraphs
US20180114126A1 (en) * 2016-10-24 2018-04-26 Oracle International Corporation Systems and methods for identifying process flows from log files and visualizing the flow
US10545945B2 (en) 2016-10-28 2020-01-28 Microsoft Technology Licensing, Llc Change monitoring spanning graph queries
US10261839B2 (en) * 2016-11-02 2019-04-16 International Business Machines Corporation Outlier and root cause determination of excessive resource usage in a virtual machine environment
US10452672B2 (en) 2016-11-04 2019-10-22 Microsoft Technology Licensing, Llc Enriching data in an isolated collection of resources and relationships
US10885114B2 (en) 2016-11-04 2021-01-05 Microsoft Technology Licensing, Llc Dynamic entity model generation from graph data
US11475320B2 (en) 2016-11-04 2022-10-18 Microsoft Technology Licensing, Llc Contextual analysis of isolated collections based on differential ontologies
US10481960B2 (en) 2016-11-04 2019-11-19 Microsoft Technology Licensing, Llc Ingress and egress of data using callback notifications
US10614057B2 (en) 2016-11-04 2020-04-07 Microsoft Technology Licensing, Llc Shared processing of rulesets for isolated collections of resources and relationships
US10402408B2 (en) 2016-11-04 2019-09-03 Microsoft Technology Licensing, Llc Versioning of inferred data in an enriched isolated collection of resources and relationships
US10445361B2 (en) 2016-12-15 2019-10-15 Microsoft Technology Licensing, Llc Caching of subgraphs and integration of cached subgraphs into graph query results
US10402403B2 (en) * 2016-12-15 2019-09-03 Microsoft Technology Licensing, Llc Utilization of probabilistic characteristics for reduction of graph database traversals
US11288161B2 (en) * 2016-12-27 2022-03-29 Nec Corporation Anomaly detection method, system, and program
US10237294B1 (en) 2017-01-30 2019-03-19 Splunk Inc. Fingerprinting entities based on activity in an information technology environment
US10205735B2 (en) 2017-01-30 2019-02-12 Splunk Inc. Graph-based network security threat detection across time and entities
WO2018145743A1 (fr) * 2017-02-08 2018-08-16 Huawei Technologies Co., Ltd. System and method for failure management using distributed execution traces
US10242223B2 (en) 2017-02-27 2019-03-26 Microsoft Technology Licensing, Llc Access controlled graph query spanning
US10810472B2 (en) 2017-05-26 2020-10-20 Oracle International Corporation Techniques for sentiment analysis of data using a convolutional neural network and a co-occurrence network
US10523520B2 (en) * 2017-05-30 2019-12-31 International Business Machines Corporation System anomaly detection using parameter flows
JP6551565B2 (ja) * 2017-06-02 2019-07-31 オムロン株式会社 Process analysis apparatus, process analysis method, and process analysis program
EP3410245A1 (fr) * 2017-06-02 2018-12-05 OMRON Corporation Process analysis apparatus, process analysis method, and process analysis program
US10417063B2 (en) 2017-06-28 2019-09-17 Microsoft Technology Licensing, Llc Artificial creation of dominant sequences that are representative of logged events
US10592666B2 (en) 2017-08-31 2020-03-17 Micro Focus Llc Detecting anomalous entities
US10275235B2 (en) * 2017-09-18 2019-04-30 International Business Machines Corporation Adaptable management of web application state in a micro-service architecture
US10885056B2 (en) 2017-09-29 2021-01-05 Oracle International Corporation Data standardization techniques
US10936599B2 (en) 2017-09-29 2021-03-02 Oracle International Corporation Adaptive recommendations
US10735457B2 (en) 2017-10-03 2020-08-04 Microsoft Technology Licensing, Llc Intrusion investigation
CN110019068B (zh) * 2017-10-19 2023-04-28 阿里巴巴集团控股有限公司 Log text processing method and apparatus
US10365905B1 (en) * 2017-10-26 2019-07-30 Facebook, Inc. Systems and methods for evaluating application performance changes via comparative call graphs
US11777785B2 (en) * 2018-01-21 2023-10-03 Cisco Technology, Inc. Alert throttling
US20190243743A1 (en) * 2018-02-07 2019-08-08 Apple Inc. Unsupervised anomaly detection
US10817604B1 (en) * 2018-06-19 2020-10-27 Architecture Technology Corporation Systems and methods for processing source codes to detect non-malicious faults
US10749890B1 (en) 2018-06-19 2020-08-18 Architecture Technology Corporation Systems and methods for improving the ranking and prioritization of attack-related events
US10764149B2 (en) * 2018-09-12 2020-09-01 The Mitre Corporation Cyber-physical system evaluation
CN110896386B (zh) * 2018-09-12 2022-05-10 西门子(中国)有限公司 Method, apparatus, storage medium, processor and terminal for identifying security threats
US11941054B2 (en) * 2018-10-12 2024-03-26 International Business Machines Corporation Iterative constraint solving in abstract graph matching for cyber incident reasoning
US11429713B1 (en) 2019-01-24 2022-08-30 Architecture Technology Corporation Artificial intelligence modeling for cyber-attack simulation protocols
US11128654B1 (en) 2019-02-04 2021-09-21 Architecture Technology Corporation Systems and methods for unified hierarchical cybersecurity
US11177962B2 (en) 2019-02-05 2021-11-16 Visa International Service Association Optimizations for verification of interactions system and method
US11275791B2 (en) * 2019-03-28 2022-03-15 International Business Machines Corporation Automatic construction and organization of knowledge graphs for problem diagnoses
CN111814002A (zh) * 2019-04-12 2020-10-23 阿里巴巴集团控股有限公司 Directed graph identification method, system and server
EP3734460B1 (fr) * 2019-04-30 2021-10-27 Hewlett Packard Enterprise Development LP Probabilistic software testing via dynamic graphs
WO2020231427A1 (fr) * 2019-05-15 2020-11-19 Hewlett-Packard Development Company, L.P. Microservices graph generation
US11451581B2 (en) 2019-05-20 2022-09-20 Architecture Technology Corporation Systems and methods for malware detection and mitigation
US11403405B1 (en) 2019-06-27 2022-08-02 Architecture Technology Corporation Portable vulnerability identification tool for embedded non-IP devices
US11483294B2 (en) 2019-08-28 2022-10-25 University Of Maryland, Baltimore County Method for anonymizing network data using differential privacy
US11514179B2 (en) * 2019-09-30 2022-11-29 Td Ameritrade Ip Company, Inc. Systems and methods for computing database interactions and evaluating interaction parameters
US11201893B2 (en) * 2019-10-08 2021-12-14 The Boeing Company Systems and methods for performing cybersecurity risk assessments
EP3887920A4 (fr) 2019-10-18 2022-09-14 Feedzai - Consultadoria e Inovação Tecnológica, S.A. Graph decomposition for fraudulent transaction analysis
US11444974B1 (en) 2019-10-23 2022-09-13 Architecture Technology Corporation Systems and methods for cyber-physical threat modeling
US11468044B2 (en) * 2019-11-25 2022-10-11 Visa International Service Association Optimizations for verification of interactions system and method using probability density functions
US11157347B2 (en) * 2019-12-02 2021-10-26 EMC IP Holding Company LLC Detection of resource bottlenecks in user devices using artificial intelligence and causal graphs
CN112905370A (zh) * 2019-12-03 2021-06-04 中兴通讯股份有限公司 Topology graph generation method, anomaly detection method, apparatus, device and storage medium
US11818145B2 (en) * 2019-12-09 2023-11-14 International Business Machines Corporation Characterizing user behavior in a computer system by automated learning of intention embedded in a system-generated event graph
US11503075B1 (en) 2020-01-14 2022-11-15 Architecture Technology Corporation Systems and methods for continuous compliance of nodes
US11677775B2 (en) * 2020-04-10 2023-06-13 AttackIQ, Inc. System and method for emulating a multi-stage attack on a node within a target network
US11494787B2 (en) * 2020-06-30 2022-11-08 Optum, Inc. Graph convolutional anomaly detection
US11770387B1 (en) * 2020-07-17 2023-09-26 Rapid7, Inc. Graph-based detection of lateral movement in computer networks
US20220027257A1 (en) * 2020-07-23 2022-01-27 Vmware, Inc. Automated Methods and Systems for Managing Problem Instances of Applications in a Distributed Computing Facility
CN111949481A (zh) * 2020-08-11 2020-11-17 安徽继远检验检测技术有限公司 Microservice-based anomaly tracking and detection system
US11403326B2 (en) 2020-12-03 2022-08-02 International Business Machines Corporation Message-based event grouping for a computing operation
US11797538B2 (en) 2020-12-03 2023-10-24 International Business Machines Corporation Message correlation extraction for mainframe operation
US11474892B2 (en) 2020-12-03 2022-10-18 International Business Machines Corporation Graph-based log sequence anomaly detection and problem diagnosis
US11513930B2 (en) 2020-12-03 2022-11-29 International Business Machines Corporation Log-based status modeling and problem diagnosis for distributed applications
US11599404B2 (en) 2020-12-03 2023-03-07 International Business Machines Corporation Correlation-based multi-source problem diagnosis
US11243835B1 (en) * 2020-12-03 2022-02-08 International Business Machines Corporation Message-based problem diagnosis and root cause analysis
US11606378B1 (en) 2020-12-30 2023-03-14 Rapid7, Inc. Lateral movement detection using a mixture of online anomaly scoring models
US11720667B2 (en) * 2021-03-29 2023-08-08 International Business Machines Corporation Stateful microservice-aware intrusion detection
US11956212B2 (en) 2021-03-31 2024-04-09 Palo Alto Networks, Inc. IoT device application workload capture
US11640329B2 (en) * 2021-04-01 2023-05-02 Bmc Software, Inc. Using an event graph schema for root cause identification and event classification in system monitoring
US11895150B2 (en) * 2021-07-28 2024-02-06 Accenture Global Solutions Limited Discovering cyber-attack process model based on analytical attack graphs
US11949701B2 (en) * 2021-08-04 2024-04-02 Microsoft Technology Licensing, Llc Network access anomaly detection via graph embedding
US11397808B1 (en) * 2021-09-02 2022-07-26 Confluera, Inc. Attack detection based on graph edge context
US20230095870A1 (en) * 2021-09-30 2023-03-30 Palo Alto Networks, Inc. Iot security event correlation
US11734419B1 (en) 2022-06-23 2023-08-22 Sas Institute, Inc. Directed graph interface for detecting and mitigating anomalies in entity interactions

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7681182B1 (en) * 2008-11-06 2010-03-16 International Business Machines Corporation Including function call graphs (FCG) generated from trace analysis data within a searchable problem determination knowledge base

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7302677B2 (en) 2003-05-08 2007-11-27 Microsoft Corporation Event driven graph explorer for model-based testing of software
JP4746850B2 (ja) 2004-06-21 2011-08-10 富士通株式会社 Pattern generation program
GB2465860B (en) 2008-12-04 2011-01-12 Ibm Method and system for detecting and predicting anomalous situations in a computer system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
BLAKE ANDERSON ET AL: "Graph-based malware detection using dynamic analysis", JOURNAL IN COMPUTER VIROLOGY, SPRINGER-VERLAG, PA, vol. 7, no. 4, 8 June 2011 (2011-06-08), pages 247 - 258, XP019969603, ISSN: 1772-9904, DOI: 10.1007/S11416-011-0152-X *
XIN HU, TZI-CKER CHIUEH, KANG G. SHIN: "Large-scale malware indexing using function-call graphs", PROCEEDING CCS '09 PROCEEDINGS OF THE 16TH ACM CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 9 November 2009 (2009-11-09) - 13 November 2009 (2009-11-13), ACM New York, NY, USA 2009, pages 611 - 620, XP002738896 *

Also Published As

Publication number Publication date
US20150106324A1 (en) 2015-04-16
EP2863309A2 (fr) 2015-04-22
US9367809B2 (en) 2016-06-14
US10592324B2 (en) 2020-03-17
EP2863309B1 (fr) 2018-11-21
US20160253232A1 (en) 2016-09-01
AU2014240239A1 (en) 2015-04-30
AU2014240239B2 (en) 2015-05-21

Similar Documents

Publication Publication Date Title
EP2863309A3 (fr) Contextual graph matching based anomaly detection
BR112018007040A2 (pt) Method and apparatus for detecting and classifying seizure activity
MX2015000193A (es) Method and device for hiding privacy information.
EP3136249A4 (fr) Log analysis device, attack detection device, attack detection method and program
MX2022000580A (es) Systems, devices, and methods for detecting fertility and gender of unhatched eggs.
EP2908454A3 (fr) GPS spoofing detection techniques
WO2015138497A3 (fr) Systems and methods for rapid data analysis
EP2472425A3 (fr) System and method for detecting unknown malware
GB201202344D0 (en) Method of locating a sensor and related apparatus
EP3096235A4 (fr) Information processing system, information processing server, information processing program, and fatigue evaluation method
WO2015047802A3 (fr) Advanced persistent threat (APT) detection center
WO2012167056A3 (fr) System and method for non-signature based detection of malicious processes
AR079998A1 (es) Apparatus and method for extracting a direct/ambience signal from a downmix signal and spatial parametric information
GB2511690A (en) Detecting malware using stored patterns
WO2014182460A3 (fr) Method and apparatus for detecting a target keyword
MX2021015008A (es) Cancer detection systems and methods.
WO2014151681A3 (fr) Methods and apparatus to estimate demographics based on aerial images
WO2014043353A3 (fr) Methods, devices and systems for detecting objects in a video
GB2539345A (en) Time lapse electromagnetic monitoring
IN2014CN05002A (fr)
WO2015160415A3 (fr) Systems and methods for visual sentiment analysis
GB201209399D0 (en) A method for identifying pairs of derivative and original images
MX2018001483A (es) Systems and methods for detecting tornadoes.
EP2801932A3 (fr) Neuromorphic chip, and method and apparatus for detecting a spike event
WO2016033247A3 (fr) Population-based learning including deep belief networks

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20141008

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

PUAL Search report despatched

Free format text: ORIGINAL CODE: 0009013

RIC1 Information provided on ipc code assigned before grant

Ipc: G06F 21/00 20130101ALN20150429BHEP

Ipc: H04L 12/24 20060101ALN20150429BHEP

Ipc: G06F 11/07 20060101AFI20150429BHEP

AK Designated contracting states

Kind code of ref document: A3

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

R17P Request for examination filed (corrected)

Effective date: 20151203

RBV Designated contracting states (corrected)

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

17Q First examination report despatched

Effective date: 20180221

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

RIC1 Information provided on ipc code assigned before grant

Ipc: G06F 21/00 20130101ALN20180503BHEP

Ipc: H04L 12/24 20060101ALN20180503BHEP

Ipc: G06F 11/07 20060101AFI20180503BHEP

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: GRANT OF PATENT IS INTENDED

RIC1 Information provided on ipc code assigned before grant

Ipc: H04L 12/24 20060101ALN20180524BHEP

Ipc: G06F 11/07 20060101AFI20180524BHEP

Ipc: G06F 21/00 20130101ALN20180524BHEP

INTG Intention to grant announced

Effective date: 20180607

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAJ Information related to disapproval of communication of intention to grant by the applicant or resumption of examination proceedings by the epo deleted

Free format text: ORIGINAL CODE: EPIDOSDIGR1

GRAL Information related to payment of fee for publishing/printing deleted

Free format text: ORIGINAL CODE: EPIDOSDIGR3

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

GRAR Information related to intention to grant a patent recorded

Free format text: ORIGINAL CODE: EPIDOSNIGR71

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: GRANT OF PATENT IS INTENDED

INTC Intention to grant announced (deleted)
RIC1 Information provided on ipc code assigned before grant

Ipc: G06F 11/07 20060101AFI20180903BHEP

Ipc: G06F 21/00 20130101ALN20180903BHEP

Ipc: H04L 12/24 20060101ALN20180903BHEP

RIC1 Information provided on ipc code assigned before grant

Ipc: H04L 12/24 20060101ALN20180912BHEP

Ipc: G06F 11/07 20060101AFI20180912BHEP

Ipc: G06F 21/00 20130101ALN20180912BHEP

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE PATENT HAS BEEN GRANTED

INTG Intention to grant announced

Effective date: 20180919

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: DE

Ref legal event code: R096

Ref document number: 602014036369

Country of ref document: DE

REG Reference to a national code

Ref country code: AT

Ref legal event code: REF

Ref document number: 1068344

Country of ref document: AT

Kind code of ref document: T

Effective date: 20181215

REG Reference to a national code

Ref country code: NL

Ref legal event code: MP

Effective date: 20181121

REG Reference to a national code

Ref country code: AT

Ref legal event code: MK05

Ref document number: 1068344

Country of ref document: AT

Kind code of ref document: T

Effective date: 20181121

PG25 Lapsed in a contracting state [announced via postgrant information from national office to EPO]

Ref country code: LV

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

Ref country code: AT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

Ref country code: ES

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

Ref country code: NO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190221

Ref country code: IS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190321

Ref country code: FI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

Ref country code: BG

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190221

Ref country code: LT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

Ref country code: HR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

PG25 Lapsed in a contracting state [announced via postgrant information from national office to EPO]

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190222

Ref country code: NL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

Ref country code: SE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20190321

Ref country code: AL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

Ref country code: RS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

PG25 Lapsed in a contracting state [announced via postgrant information from national office to EPO]

Ref country code: DK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

Ref country code: PL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

Ref country code: CZ

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

Ref country code: IT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

REG Reference to a national code

Ref country code: DE

Ref legal event code: R097

Ref document number: 602014036369

Country of ref document: DE

PG25 Lapsed in a contracting state [announced via postgrant information from national office to EPO]

Ref country code: RO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

Ref country code: SM

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

Ref country code: EE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

Ref country code: SK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

STAA Information on the status of an EP patent application or granted EP patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

26N No opposition filed

Effective date: 20190822

PG25 Lapsed in a contracting state [announced via postgrant information from national office to EPO]

Ref country code: SI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

PG25 Lapsed in a contracting state [announced via postgrant information from national office to EPO]

Ref country code: TR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

PG25 Lapsed in a contracting state [announced via postgrant information from national office to EPO]

Ref country code: MC

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

PG25 Lapsed in a contracting state [announced via postgrant information from national office to EPO]

Ref country code: LU

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20191008

Ref country code: LI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20191031

Ref country code: CH

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20191031

REG Reference to a national code

Ref country code: BE

Ref legal event code: MM

Effective date: 20191031

PG25 Lapsed in a contracting state [announced via postgrant information from national office to EPO]

Ref country code: BE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20191031

PG25 Lapsed in a contracting state [announced via postgrant information from national office to EPO]

Ref country code: CY

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

PG25 Lapsed in a contracting state [announced via postgrant information from national office to EPO]

Ref country code: HU

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT; INVALID AB INITIO

Effective date: 20141008

Ref country code: MT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

PG25 Lapsed in a contracting state [announced via postgrant information from national office to EPO]

Ref country code: MK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20181121

P01 Opt-out of the competence of the Unified Patent Court (UPC) registered

Effective date: 20230523

PGFP Annual fee paid to national office [announced via postgrant information from national office to EPO]

Ref country code: IE

Payment date: 20230912

Year of fee payment: 10

Ref country code: GB

Payment date: 20230831

Year of fee payment: 10

PGFP Annual fee paid to national office [announced via postgrant information from national office to EPO]

Ref country code: FR

Payment date: 20230911

Year of fee payment: 10

PGFP Annual fee paid to national office [announced via postgrant information from national office to EPO]

Ref country code: DE

Payment date: 20230830

Year of fee payment: 10